Roundup Tracker - Issues

Issue 2550711

classification
Reflected cross-site scripting in 'action' parameter.
Type: security Severity: minor
Components: Web interface Versions: 1.4
process
Status: closed Resolution: fixed
Assigned To: schlatterbeck
Nosy List: om, schlatterbeck
Priority:

Created on 2011-07-05 11:47 by om, last changed 2012-01-05 15:25 by schlatterbeck.

Messages
msg4325 Author: [hidden] (om) Date: 2011-07-05 11:47
The content of action_name is not encoded before displaying an error
message.

Example:
/support/issue1?@action="><script>alert(1)</script>

The issue is in the following line from cgi/client.py:
raise ValueError('No such action "%s"'%action_name)
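The defect reported above, worked through as an added example. This is not Roundup's code and not the fix referenced below; it is a small stand-in dispatcher with a hypothetical action table, showing how the raw `@action` value from the query string lands inside the HTML error page when formatted directly, and how escaping it (with `quote=True`, so the leading `"` in the payload cannot close the surrounding attribute) neutralises the payload from the report:

```python
"""Added example, not Roundup's own code: an unescaped action name in an
error message becomes reflected XSS; escaping it at the HTML boundary fixes it."""
from html import escape
from urllib.parse import parse_qs, urlsplit

# Hypothetical action registry standing in for Roundup's client-side table.
ACTIONS = {"edit": "EditItemAction", "search": "SearchAction"}

# The URL from the bug report, reused as constructed sample input.
EXAMPLE_URL = '/support/issue1?@action="><script>alert(1)</script>'


def lookup_action(action_name, escape_errors):
    """Resolve an action name; on failure raise the error the page will show.

    escape_errors=False mirrors the reported line (raw name formatted in);
    escape_errors=True escapes the untrusted value before it becomes HTML.
    """
    if action_name in ACTIONS:
        return ACTIONS[action_name]
    shown = escape(action_name, quote=True) if escape_errors else action_name
    raise ValueError('No such action "%s"' % shown)


def handle_request(url, escape_errors):
    """Minimal stand-in for the request handler: pull @action from the query
    string, dispatch, and on ValueError render the message into the error
    paragraph as the template would."""
    query = parse_qs(urlsplit(url).query)
    action_name = query.get("@action", [""])[0]
    try:
        action = lookup_action(action_name, escape_errors)
    except ValueError as err:
        return '<p class="error-message">%s</p>' % err
    return "<p>dispatched %s</p>" % action


def contains_script_tag(html_body):
    """Crude check used here to show whether the reflected payload survived."""
    return "<script>" in html_body.lower()


def safe_error_message(action_name):
    """The escaped message on its own, for inspection."""
    return 'No such action "%s"' % escape(action_name, quote=True)


if __name__ == "__main__":
    print("raw:     ", handle_request(EXAMPLE_URL, escape_errors=False))
    print("escaped: ", handle_request(EXAMPLE_URL, escape_errors=True))
```

The point of escaping in `lookup_action` rather than in the template is only that the message is built as a plain string and then emitted verbatim; in a real tracker the cleaner fix is to escape wherever the message crosses into HTML, so every ValueError text is covered, not just this one.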
msg4468 Author: [hidden] (schlatterbeck) Date: 2012-01-05 15:25
Fixed in Git c29ac93
thanks for reporting!
History
Date                 User           Action  Args
2012-01-05 15:25:13  schlatterbeck  set     status: new -> closed
                                            assignee: schlatterbeck
                                            resolution: fixed
                                            messages: + msg4468
                                            nosy: + schlatterbeck
2011-07-05 11:47:11  om             create